CVE-2024-57760

6.5 MEDIUM

📋 TL;DR

This SQL injection vulnerability in JeeWMS allows attackers to execute arbitrary SQL commands through the ReportId parameter. It affects all JeeWMS installations before version 2025.01.01, potentially compromising database integrity and confidentiality.

💻 Affected Systems

Products:
  • JeeWMS
Versions: All versions before 2025.01.01
Operating Systems: All platforms running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /core/CGReportDao.java component specifically, via the ReportId parameter.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise, including data theft, modification or deletion, or potential remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized data access, data manipulation, and potential privilege escalation within the database.

🟢 If Mitigated

Limited impact: proper input validation and restrictive database permissions confine any damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

SQL injection vulnerabilities are typically easy to exploit with basic knowledge of SQL and web requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2025.01.01

Vendor Advisory: https://gitee.com/erzhongxmu/JEEWMS/issues/IBFTVK

Restart Required: Yes

Instructions:

1. Download JeeWMS v2025.01.01 or later.
2. Back up the current installation.
3. Replace the affected files with the patched version.
4. Restart the application server.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Implement server-side input validation to sanitize the ReportId parameter.

Implement parameterized queries or prepared statements in CGReportDao.java.

WAF Rule (all platforms)

Deploy web application firewall rules to block SQL injection patterns.

Configure the WAF to detect and block SQL injection attempts on the ReportId parameter.

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to the JeeWMS application
  • Enable database auditing and monitoring for suspicious SQL queries

🔍 How to Verify

Check if Vulnerable:

Check the JeeWMS version in the application interface or configuration files.

Check Version:

Check application.properties or version.txt in the JeeWMS installation directory.

Verify Fix Applied:

Verify that v2025.01.01 or later is installed, and test the ReportId parameter with SQL injection test payloads.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts or parameter manipulation in application logs

Network Indicators:

  • SQL keywords in HTTP POST/GET requests to /core/CGReportDao endpoints

SIEM Query:

source="*jeeWMS*" AND ("ReportId" AND ("UNION" OR "SELECT" OR "INSERT" OR "DELETE"))
